As critical as it is, protection will fail. You need robust detection as well.
Stories by Ira Winkler and Araceli Treu Gomes
Another hack, another claim of inevitability. It is frustrating to read about <a href="http://www.computerworld.com/article/2926351/security/thieves-stole-data-on-100000-taxpayers-via-irs-app.html">the IRS breach</a> and see it declared sophisticated. The following quote, from the IRS commissioner to CNN, is just outright infuriating:
The feedback from our last article, in which we laid out what we call <a href="http://www.computerworld.com/article/2913378/cybercrime-hacking/the-irari-rules-for-declaring-a-cyberattack-sophisticated.html">the Irari Rules for classifying a cyberattack as "sophisticated,"</a> was overwhelmingly positive. Nonetheless, a few people we respect disagreed with us. Ironically, examining why they disagreed demonstrates why the Irari Rules are relevant.
Organizations hit by a cyberattack have reason to <a href="http://www.computerworld.com/article/2882202/the-sophisticated-attack-myth.html?nsdr=true">call the attack "sophisticated."</a> But calling an attack sophisticated doesn't make it sophisticated. We have put our heads together and come up with some rules for determining whether an attack is sophisticated, and we have put our names together (Ira and Ari) to give these rules a name: the Irari rules. If any of the following conditions occur, the attack is <em>not</em> sophisticated:
So who was really behind the Sony hack? And does it really matter?